Archive for September 14th, 2017

The biggest advertising organizations say Apple will “sabotage” the current economic model of the internet with plans to integrate cookie-blocking technology into the new version of Safari. Marty Swant, reporting for AdWeek: Six trade groups — the Interactive Advertising Bureau, American Advertising Federation, the Association of National Advertisers, the 4A’s and two others — say they’re “deeply concerned” with Apple’s plans to release a version of the internet browser that overrides and replaces user cookie preferences with a set of Apple-controlled standards. The feature, which is called “Intelligent Tracking Prevention, ” limits how advertisers and websites can track users across the internet by putting in place a 24-hour limit on ad retargeting. In an open letter expected to be published this afternoon, the groups describe the new standards as “opaque and arbitrary, ” warning that the changes could affect the “infrastructure of the modern internet, ” which largely relies on consistent standards across websites. The groups say the feature also hurts user experience by making advertising more “generic and less timely and useful.” Read more of this story at Slashdot.

Enlarge (credit: IBM ) Every time we discuss quantum computers, the headline tends to be that someone, somewhere is going to use the quantum to break your encryption and steal your student loan. If only that were true. But it is probably more realistic to think about quantum computers being used to solve quantum problems. And this has been demonstrated with recent chemistry calculations using a tiny quantum computer. If solving quantum problems with quantum computers sounds a bit circular, well, it is, but it is also practical. Think of it like this: every protein in your body has the structure it has because of quantum mechanics. And a physicist who is clever, but not intelligent, can write down an exact equation that describes that protein. But not even the most intelligent can solve that equation. Understanding molecules is hard A lazier physicist would write a computer script to solve the equation. But that won’t work either, because the time it takes to solve an exact description of the molecule will take longer than it takes to go from Big Bang to Heat Death. So we live with approximations. Approximations that are mostly pretty good but sometimes fail spectacularly. And, for some molecules, those approximations don’t speed up calculations very much at all. Read 13 remaining paragraphs | Comments

Preeti Desai of the National Audubon Society came across a dead creature on the beach in Texas City, Texas. She took photos and tweeted: “Okay, biology twitter, what the heck is this?? Found on a beach in Texas City, TX. #wildlifeid.” The consensus is that the fang-toothed, snake-like, eel-like creature is a fangtooth snake-eel . From Yahoo : Biologist Dr. Kenneth Tighe of the Smithsonian National Museum of Natural History was able to answer Desai’s question after the request was passed along to him. Tighe believed the creature to be an Aplatophis chauliodus, which is also known as a fangtooth snake-eel or tusky eel. The toothy creature’s scientific name translates to “terrible serpent.” “It might be [a] Bathyuroconger vicinus or Xenomystax congroides,” Tighe told EarthTouch News on Thursday. “All three of these species occur off Texas and have large fang-like teeth. Too bad you can’t clearly see the tip of the tail. That would differentiate between the ophichthid and the congrids.” Okay, biology twitter, what the heck is this?? Found on a beach in Texas City, TX. #wildlifeid pic.twitter.com/9IUuuL65qh — Preeti Desai

Enlarge / One of the fee-based services ExpensiveWallpaper apps subscribed users to. Researchers recently found at least 50 apps in the official Google Play market that made charges for fee-based services without the knowledge or permission of users. The apps were downloaded as many as 4.2 million times. Google quickly removed the apps after the researchers reported them, but within days, apps from the same malicious family were back and infected more than 5,000 devices. The apps, all from a family of malware that security firm Check Point calls ExpensiveWall, surreptitiously uploaded phone numbers, locations, and unique hardware identifiers to attacker-controlled servers. The apps then used the phone numbers to sign up unwitting users to premium services and to send fraudulent premium text messages, a move that caused users to be billed. Check Point researchers didn’t know how much revenue was generated by the apps. Google Play showed the apps had from 1 million to 4.2 million downloads. Packing heat ExpensiveWall—named after one of the individual apps called LovelyWall—used a common obfuscation technique known as packing. By compressing or encrypting the executable file before it’s uploaded to Play, attackers can hide its maliciousness from Google’s malware scanners. A key included in the package then reassembled the executable once the file was safely on the targeted device. Although packing is more than a decade old, Google’s failure to catch the apps, even after the first batch was removed, underscores how effective the technique remains. Read 3 remaining paragraphs | Comments

According to Bleeping Computer, a WordPress plug that goes by the name Display Widgets has been used to install a backdoor on WordPress sites across the internet for the past two and a half months. While the WordPress.org team removed the plugin from the official WordPress Plugins repository, the plugin managed to be installed on more than 200, 000 sites at the time of its removal. The good news is that the backdoor code was only found between Display Widgets version 2.6.1 (released June 30) and version 2.6.3 (released September 2), so it’s unlikely everyone who installed the plugin is affected. WordPress.org staff members reportedly removed the plugin three times before for similar violations. Bleeping Computer has compiled a history of events in its report, put together with data aggregated from three different investigations by David Law, White Fir Design, and Wordfence. The report adds: The original Display Widgets is a plugin that allowed WordPress site owners to control which, how, and when WordPress widgets appear on their sites. Stephanie Wells of Strategy11 developed the plugin, but after switching her focus to a premium version of the plugin, she decided to sell the open source version to a new developer who would have had the time to cater to its userbase. A month after buying the plugin in May, its new owner released a first new version — v2.6.0 — on June 21. Read more of this story at Slashdot.

Reader wired_parrot writes: The credit report provider Equifax has been accused of a fresh data security breach, this time affecting its Argentine operations. The breach was revealed after security researchers discovered that an online employee tool used by Equifax Argentina was accessible using the “admin/admin” password combination. Read more of this story at Slashdot.